29 matches found
AlchemyCMS - Authenticated Remote Code Execution (RCE) via eval injection in ResourcesHelper
Summary A vulnerability was discovered during a manual security audit of the AlchemyCMS source code. The application uses the Ruby eval function to dynamically execute a string provided by the resourcehandler.enginename attribute in Alchemy::ResourcesHelperresourceurlproxy. Details The...
CVE-2022-38993
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...
EUVD-2001-1162
Malware in sbrugna...
EUVD-2016-1750
Malware in sbrugna...
EUVD-2025-27769
Malicious code in bioql PyPI...
CVE-2025-56588
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution RCE vulnerability in the User module configuration via the computed field parameter...
CVE-2025-56588
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution RCE vulnerability in the User module configuration via the computed field parameter...
CVE-2025-56588
Dolibarr ERP & CRM v21.0.1 contains a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter (CVE-2025-56588). Affected software is Dolibarr’s ERP/CRM, with impact described as RCE; CVSSv3 metrics indicate HIGH impact across confidentiality, in...
CVE-2025-30048
The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication...
CVE-2025-30048
The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication...
CVE-2025-30048
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2025-30048 Unauthenticated access to module configuration endpoint
The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication...
CVE-2025-30048 Unauthenticated access to module configuration endpoint
The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication...
Linux Distros Unpatched Vulnerability : CVE-2018-10938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to...
CVE-2022-48499
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability...
DRUPAL-CONTRIB-2024-033
This module enables you to cache pages for logged in users at the Varnish level. The Varnish bin names may be guessable when no hashing noise configuration is set on the module configuration page, which would ultimately allow any user to view cached pages that were intended for other roles when...
Huawei EMUI 安全漏洞
Huawei EMUI is an Android-based mobile operating system developed by Chinese company Huawei. A security vulnerability exists in Huawei EMUI version 12.0.0, which stems from a configuration flaw in the Secure Operating System module, and successful exploitation of this vulnerability will impact...
CVE-2022-41582
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability...
CVE-2022-38997
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a configuration flaw in a module. Successful exploitation of the vulnerability could...